The Wafphp project was inspired by Senginx because of the many uncontrolled factors found in the use of Senginx, and the fact that it is not desirable for small projects to cause the nginx load to be too high to affect other core projects because of the ability to turn on certain features. and Nginx configuration changes require much more permissions than PHP code changes, so there is a PHP-class Web Application Protection framework.
About the work
A PHP-level Web Application Protection framework. Designed to provide a PHP-class Web Application Protection framework that does not conflict with existing code, it is possible to develop a variety of Web application protection plug-ins, such as anti-Bot malware collection, which is a must-have for home travel.
PS: Of course, this is just a way of thinking, suitable for some special scenarios, it does not completely replace your professional firewall:)
Start:
To avoid affecting the output of wafphp, do not have any HTML output require_once ' #your wafphp path#/wafphp.php ' before loading wafphp;//Singleton mode start wafphp$wafphp = wafphp\ Wafphp::getinstance ();//Execute Script Detection $wafphp->runcheck (); #Your code#
Or
To avoid affecting the output of the wafphp, do not have any HTML output require_once ' #your wafphp path#/wafphp.php ' before loading the wafphp;//You can use stand-alone configuration on demand, The default configuration in the configuration file is $config = Wafphp\wafphp::getcurrentconfig ();//Modify specific configuration Parameters $config[' some_config '] = ' Your value ';// Start with custom Configuration wafphp$wafphp = Wafphp\wafphp::getinstance ($config);//Execute Script Detection $wafphp->runcheck (); #Your code#
Configuration
Configuration file path:
#your wafphp path#/conf/config.default.php
Please refer to the notes in the configuration file for detailed configuration.
Project home:http://www.open-open.com/lib/view/home/1445865140648